﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Backend;
using Backend.BLL;
using Backend.DTO;

namespace ReSeSSApplication
{
    public partial class Index : System.Web.UI.Page
    {
        private UserBLL aUserBLL = new UserBLL();

        protected void Page_Load(object sender, EventArgs e)
        {
            AlertSuccess.Visible = false;
            AlertError.Visible = false;

            UserDTO loggedInUser = (UserDTO)Session["LoggedInUserDTO"];
            RedirectUser(loggedInUser);
        }

        protected void LoginButton_Click(object sender, EventArgs e)
        {
            string login = txtLoginId.Text.Trim();
            string pass = txtPassword.Text.Trim();

            try
            {
                UserDTO aUser = aUserBLL.GetUser(login);

                if (aUser != null && aUser.Password == pass && aUser.IsActive)
                {
                    Session["LoggedInUserDTO"] = aUser;
                    RedirectUser(aUser);
                }
                else
                {
                    AlertError.InnerText = "Invalid Login Id or Password.";
                    AlertError.Visible = true;
                }
            }
            catch(Exception ex)
            {
                AlertError.InnerText = ex.Message;
                AlertError.Visible = true;
            }
        }

        protected void ResetPasswordButton_Click(object sender, EventArgs e)
        {
            string email = txtEmail.Text.Trim();
            string uri = Utility.GetUriDirectory(Request.Url.AbsoluteUri);

            if (string.IsNullOrEmpty(email))
            {
                AlertError.InnerText = "Please enter email address";
                AlertError.Visible = true;
            }
            else if (!Utility.IsValidEmail(email))
            {
                AlertError.InnerText = "Invalid email address entered";
                AlertError.Visible = true;
            }
            else 
            {
                string resetPasswordResult = aUserBLL.ResetPassword(email);
                
                if (resetPasswordResult == "success")
                {
                    UserDTO aUser = aUserBLL.GetUserByEmail(email);

                    try
                    {
                        // send email
                        string message = "Hi, <br /><br />You have requested to reset your password. <br />Please <a href='" + uri + "ResetPassword.aspx?key=" + aUser.ResetPasswordKey + "' target='_blank'>\"Click this link\"</a> or copy-paste the following link into your browser's address bar to re-enter your password.<br /><br />" + uri + "ResetPassword.aspx?key=" + aUser.ResetPasswordKey + " <br /><br />Thanks.";
                        Utility.SendEmailMessage(aUser.Email, "Password Reset", message);

                        AlertSuccess.InnerHtml = "Your password has been reset.<br />New password sent to your email address. Please check your email.";
                        AlertSuccess.Visible = true;
                    }
                    catch(Exception ex)
                    {
                        AlertError.InnerText = ex.Message;
                        AlertError.Visible = true;
                    }
                }
                else
                {
                    AlertError.InnerText = resetPasswordResult;
                    AlertError.Visible = true;
                }
            }
        }

        protected void RedirectUser(UserDTO aUser)
        {
            if (aUser != null)
            {
                if (aUser.UserType == "Administrator")
                {
                    Response.Redirect("AdministratorDashboard.aspx");
                }
                else if (aUser.UserType == "User")
                {
                    Response.Redirect("UserDashboard.aspx");
                }
                else
                {
                    Response.Redirect("LogOut.aspx");
                }
            }
        }
    }
}